adhoc queray s_phd_48000510
Hi, all friends,
We use adhoc query S_PH0_48000510 - Ad Hoc Query for running reports on hr master data. some of our pay details for our senior employees is sensitive data and we have restricted who can view their details through standard authorizations.
If a Junior HR person can't view their pay details in PA20, we dont want them to be able to see their detail from adhoc query. when they run a query in adhoc, these employees details are appearing.
How do we stop this from occurring?
Farhan Khan replied
You will need to maintain authorisation object P_ORGIN within the user's role; this object allows you to restrict by infotype, personnel area, ee gp, ee subgroup, subtype and org key.assignment.
Or P_ORGINCON, which is the same, but with authorisation profile aswell.
If you need to restrict further, you may use structural authorisation, which is configured through OOSP and OOSB for assignment.